Exploitdb Exploits
50,095 exploits tracked across all sources.
IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, 4.3.1 - Authenticated Stack-Based Buffer Overflow via Long opts Field
Stack-based buffer overflow in lcfd.exe in Tivoli Endpoint in IBM Tivoli Management Framework 3.7.1, 4.1, 4.1.1, and 4.3.1 allows remote authenticated users to execute arbitrary code via a long opts field.
by Metasploit
Subrion CMS 2.0.4 - Cross-Site Scripting via Poll Title Field
Cross-site scripting (XSS) vulnerability in the poll module in Subrion CMS 2.0.4 allows remote attackers to inject arbitrary web script or HTML via the title field. NOTE: some of these details are obtained from third party information. NOTE: this might overlap CVE-2012-5452.
by Karthik R
Trend Micro Data Loss Prevention Virtual Appliance 5.5 - Directory Traversal
by White Hat Consultores
The KMPlayer 3.0.0.1440 (Windows 7) - '.mp3' Local Buffer Overflow (ASLR Bypass)
by xsploitedsec
Subrion CMS 2.0.4 - SQL Injection via Admin Login Fields
SQL injection vulnerability in admin/index.php in Subrion CMS 2.0.4 allows remote attackers to execute arbitrary SQL commands via the (1) user name or (2) password field.
by Karthik R
Linux Kernel 2.6.28/3.0 (DEC Alpha Linux) - Local Privilege Escalation
by Dan Rosenberg
Tele Data Contact Management Server - Directory Traversal
by AutoSec Tools
Simple Web Server 1.2 - Directory Traversal
by AutoSec Tools
IGSSdataServer.exe <9.00.00.11063 - Buffer Overflow
Multiple stack-based buffer overflows in IGSSdataServer.exe 9.00.00.11063 and earlier in 7-Technologies Interactive Graphical SCADA System (IGSS) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via crafted (1) ListAll, (2) Write File, (3) ReadFile, (4) Delete, (5) RenameFile, and (6) FileInfo commands in an 0xd opcode; (7) the Add, (8) ReadFile, (9) Write File, (10) Rename, (11) Delete, and (12) Add commands in an RMS report templates (0x7) opcode; and (13) 0x4 command in an STDREP request (0x8) opcode to TCP port 12401.
by Metasploit
Aastra IP Phone 9480i - Web Interface Data Disclosure
by Yakir Wizman
ActFax Server FTP - (Authenticated) Remote Buffer Overflow
by b33f
VLC media player <1.1.9 - DoS/Buffer Overflow
Integer overflow in the XSPF playlist parser in VideoLAN VLC media player 0.8.5 through 1.1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow.
by TecR0c
WordPress Plugin GD Star Rating - 'votes' SQL Injection
by anonymous
Data::FormValidator <4.66 - Info Disclosure
The Data::FormValidator module 4.66 and earlier for Perl, when untaint_all_constraints is enabled, does not properly preserve the taint attribute of data, which might allow remote attackers to bypass the taint protection mechanism via form input.
by dst
The Pacer Edition CMS 2.1 - 'email' Cross-Site Scripting
by LiquidWorm
By Source